(Re-submitted) Sorry, previous message had a misleading subject line. Has the method of checking for patches/updates changed for Linux (specifically Red Hat)? Starting in August, our monthly patch scans showed a ridiculously low number of vulnerabilities: 1 missing patch (total) across 140 Linux servers. Our most recent patch scan ran this past Saturday with the same results, yet running 'up2date --dry-run' on 4 randomly-chosen servers showed between 10 and 12 missing patches on all four hosts. Most of the patches were released slightly less than one month ago (since our last maintenance window, which is when we patch our production systems).
I can send the nessusrc file and/or KB for the sample hosts privately. John Scherff 24 Hour Fitness _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
